From 64613bc8b6b4adf1e32231f9844d99cd512b8973 Mon Sep 17 00:00:00 2001
From: Alexey Sokolov
Date: Fri, 15 Mar 2019 20:34:10 +0000
Subject: [PATCH 1/4] Don't crash if user specified invalid encoding. This is CVE-2019-9917
---
 modules/controlpanel.cpp | 2 +-
 src/IRCNetwork.cpp | 4 ++--
 src/User.cpp | 4 ++--
 src/znc.cpp | 26 ++++++++++++++++++++++----
 test/integration/tests/scripting.cpp | 7 +++++++
 5 files changed, 34 insertions(+), 9 deletions(-)
diff --git a/modules/controlpanel.cpp b/modules/controlpanel.cpp
index 139c2aef..109f8c6b 100644
--- a/modules/controlpanel.cpp
+++ b/modules/controlpanel.cpp
@@ -495,7 +495,7 @@ class CAdminMod : public CModule {
 #ifdef HAVE_ICU
 else if (sVar == "clientencoding") {
 pUser->SetClientEncoding(sValue);
- PutModule("ClientEncoding = " + sValue);
+ PutModule("ClientEncoding = " + pUser->GetClientEncoding());
 }
 #endif
 else
diff --git a/src/IRCNetwork.cpp b/src/IRCNetwork.cpp
index 0284dc53..0e1d6e2a 100644
--- a/src/IRCNetwork.cpp
+++ b/src/IRCNetwork.cpp
@@ -1482,9 +1482,9 @@ void CIRCNetwork::SetBindHost(const CString& s) {
 }
 void CIRCNetwork::SetEncoding(const CString& s) {
- m_sEncoding = s;
+ m_sEncoding = CZNC::Get().FixupEncoding(s);
 if (GetIRCSock()) {
- GetIRCSock()->SetEncoding(s);
+ GetIRCSock()->SetEncoding(m_sEncoding);
 }
 }
diff --git a/src/User.cpp b/src/User.cpp
index 3fd532a7..c44cf607 100644
--- a/src/User.cpp
+++ b/src/User.cpp
@@ -1253,9 +1253,9 @@ void CUser::SetAdmin(bool b) { m_bAdmin = b; }
 void CUser::SetDenySetBindHost(bool b) { m_bDenySetBindHost = b; }
 void CUser::SetDefaultChanModes(const CString& s) { m_sDefaultChanModes = s; }
 void CUser::SetClientEncoding(const CString& s) {
- m_sClientEncoding = s;
+ m_sClientEncoding = CZNC::Get().FixupEncoding(s);
 for (CClient* pClient : GetAllClients()) {
- pClient->SetEncoding(s);
+ pClient->SetEncoding(m_sClientEncoding);
 }
 }
 void CUser::SetQuitMsg(const CString& s) { m_sQuitMsg = s; }
diff --git a/src/znc.cpp b/src/znc.cpp
index 4e7216ee..3f4dd2e0 100644
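Review bot: In modules/controlpanel.cpp the `clientencoding` branch gives no indication that the requested name was replaced; after this change a user who asks for an unknown encoding simply sees `ClientEncoding = UTF-8`. An explicit line when the stored value differs from the request would make the substitution visible, e.g. `if (pUser->GetClientEncoding() != sValue) PutModule("Requested encoding not accepted, using " + pUser->GetClientEncoding());`. The enclosing handler starts and ends outside the hunk, so whether other encoding variables still echo `sValue` directly cannot be checked from here.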
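Review bot: `CIRCNetwork::SetEncoding` (src/IRCNetwork.cpp) and `CUser::SetClientEncoding` (src/User.cpp, same pattern) validate the name only at the moment the setter runs, and `FixupEncoding` in src/znc.cpp returns its input untouched while `m_uiForceEncoding` is zero. A name stored before encoding is forced therefore stays in `m_sEncoding` / `m_sClientEncoding` unchecked; `CZNC::ForceEncoding()` re-runs the fixup over the open sockets but not over these stored strings. Whether sockets created afterwards re-validate the stored value depends on code outside this patch, so that path is worth confirming. If it is intended, a comment on both setters would record it: `// Only validated while CZNC is forcing encoding; a value stored earlier is not re-checked here.`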
--- a/src/znc.cpp
+++ b/src/znc.cpp
@@ -2092,18 +2092,36 @@ void CZNC::ForceEncoding() {
 m_uiForceEncoding++;
 #ifdef HAVE_ICU
 for (Csock* pSock : GetManager()) {
- if (pSock->GetEncoding().empty()) {
- pSock->SetEncoding("UTF-8");
- }
+ pSock->SetEncoding(FixupEncoding(pSock->GetEncoding()));
 }
 #endif
 }
 void CZNC::UnforceEncoding() { m_uiForceEncoding--; }
 bool CZNC::IsForcingEncoding() const { return m_uiForceEncoding; }
 CString CZNC::FixupEncoding(const CString& sEncoding) const {
- if (sEncoding.empty() && m_uiForceEncoding) {
+ if (!m_uiForceEncoding) {
+ return sEncoding;
+ }
+ if (sEncoding.empty()) {
 return "UTF-8";
 }
+ const char* sRealEncoding = sEncoding.c_str();
+ if (sEncoding[0] == '*' || sEncoding[0] == '^') {
+ sRealEncoding++;
+ }
+ if (!*sRealEncoding) {
+ return "UTF-8";
+ }
+#ifdef HAVE_ICU
+ UErrorCode e = U_ZERO_ERROR;
+ UConverter* cnv = ucnv_open(sRealEncoding, &e);
+ if (cnv) {
+ ucnv_close(cnv);
+ }
+ if (U_FAILURE(e)) {
+ return "UTF-8";
+ }
+#endif
 return sEncoding;
 }
diff --git a/test/integration/tests/scripting.cpp b/test/integration/tests/scripting.cpp
index 9dd68d8f..8f809f50 100644
--- a/test/integration/tests/scripting.cpp
+++ b/test/integration/tests/scripting.cpp
@@ -55,6 +55,13 @@ TEST_F(ZNCTest, Modpython) {
 ircd.Write(":n!u@h PRIVMSG nick :Hi\xF0, github issue #1229");
 // "replacement character"
 client.ReadUntil("Hi\xEF\xBF\xBD, github issue");
+
+ // Non-existing encoding
+ client.Write("PRIVMSG *controlpanel :Set ClientEncoding $me Western");
+ client.Write("JOIN #a\342");
+ client.ReadUntil(
+ ":*controlpanel!znc@znc.in PRIVMSG nick :ClientEncoding = UTF-8");
+ ircd.ReadUntil("JOIN #a\xEF\xBF\xBD");
 }
 TEST_F(ZNCTest, ModpythonSocket) {
From 6b03fac6c1be521b3f679a09b78b3cd30b9f26aa Mon Sep 17 00:00:00 2001
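Review bot: `CZNC::FixupEncoding` in src/znc.cpp substitutes "UTF-8" on three separate paths without recording that a configured name was rejected, so a mistyped or deliberately malformed setting leaves no trace for whoever investigates later. A debug-log line on the `U_FAILURE(e)` path would help, with the rejected name escaped or length-limited because it is user-supplied. The function also has no comment explaining why the first character is skipped; above the `sRealEncoding++` branch I would add `// A leading '*' or '^' is a prefix, not part of the ICU converter name; validate only the remainder.` Without HAVE_ICU the name is returned unchecked, which looks intentional but deserves a line in the same comment.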
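Review bot: The case added to `TEST_F(ZNCTest, Modpython)` covers only the user-level `ClientEncoding` path with an unprefixed unknown name. The same patch changes `CIRCNetwork::SetEncoding` and adds branches for a leading `*` or `^` and for a name that is empty once the prefix is removed, and none of those is exercised. Cases such as `Set ClientEncoding $me *Western` and `Set ClientEncoding $me *`, each followed by the same `ReadUntil` expectation of `ClientEncoding = UTF-8`, would pin the prefix branches. The test body begins outside the hunk.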
From: Alexey Sokolov
Date: Fri, 22 Mar 2019 00:31:10 +0000
Subject: [PATCH 2/4] ZNC 1.7.3-rc1
---
 CMakeLists.txt | 8 ++++----
 configure.ac | 4 ++--
 include/znc/version.h | 4 ++--
 3 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 6f84e9d6..b5b73746 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -15,10 +15,10 @@
 #
 cmake_minimum_required(VERSION 3.1)
-project(ZNC VERSION 1.7.2)
-set(ZNC_VERSION 1.7.x)
-set(append_git_version true)
-set(alpha_version "") # e.g. "-rc1"
+project(ZNC VERSION 1.7.3)
+set(ZNC_VERSION 1.7.3)
+set(append_git_version false)
+set(alpha_version "-rc1") # e.g. "-rc1"
 set(VERSION_EXTRA "" CACHE STRING "Additional string appended to version, e.g. to mark distribution")
diff --git a/configure.ac b/configure.ac
index b755cfe8..63d38d9b 100644
--- a/configure.ac
+++ b/configure.ac
@@ -7,8 +7,8 @@ AC_DEFUN([AC_PROG_CC], [m4_errprint(__file__:__line__[: Something is trying to u
 dnl Needed for AC_PATH_PROGS_FEATURE_CHECK which was added in 2.62
 AC_PREREQ([2.62])
 dnl Keep the version number in sync with version.h!
-AC_INIT([znc], [1.7.x])
-LIBZNC_VERSION=1.7.x
+AC_INIT([znc], [1.7.3-rc1])
+LIBZNC_VERSION=1.7.3
 AC_CONFIG_MACRO_DIR([m4])
 AC_CONFIG_SRCDIR([src/znc.cpp])
 AC_LANG([C++])
diff --git a/include/znc/version.h b/include/znc/version.h
index 3f3fbab8..69ec2386 100644
--- a/include/znc/version.h
+++ b/include/znc/version.h
@@ -20,9 +20,9 @@ limitations under the License.
 // The following defines are for #if comparison (preprocessor only likes ints)
 #define VERSION_MAJOR 1
 #define VERSION_MINOR 7
-#define VERSION_PATCH -1
+#define VERSION_PATCH 3
 // This one is for display purpose and to check ABI compatibility of modules
-#define VERSION_STR "1.7.x"
+#define VERSION_STR "1.7.3"
 #endif
 // Don't use this one
From be1b6bcd4cafbc57ebc298d89a5402ae7df55a8a Mon Sep 17 00:00:00 2001
From: Alexey Sokolov
Date: Sat, 30 Mar 2019 14:36:01 +0000
Subject: [PATCH 3/4] Increase version number to 1.7.3
---
 CMakeLists.txt | 2 +-
 ChangeLog.md | 10 ++++++++++
 configure.ac | 2 +-
 3 files changed, 12 insertions(+), 2 deletions(-)
diff --git a/CMakeLists.txt b/CMakeLists.txt
index b5b73746..662a0c90 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -18,7 +18,7 @@ cmake_minimum_required(VERSION 3.1)
 project(ZNC VERSION 1.7.3)
 set(ZNC_VERSION 1.7.3)
 set(append_git_version false)
-set(alpha_version "-rc1") # e.g. "-rc1"
+set(alpha_version "") # e.g. "-rc1"
 set(VERSION_EXTRA "" CACHE STRING "Additional string appended to version, e.g. to mark distribution")
diff --git a/ChangeLog.md b/ChangeLog.md
index f4525425..de4156b8 100644
--- a/ChangeLog.md
+++ b/ChangeLog.md
@@ -1,3 +1,13 @@
+# ZNC 1.7.3 (2019-03-30)
+
+## Fixes
+This is a security release to fix CVE-2019-9917. Thanks to LunarBNC for the bugreport.
+
+## New
+Docker only: the znc image now supports --user option of docker run.
+
+
+
 # ZNC 1.7.2 (2019-01-19)
 ## New
diff --git a/configure.ac b/configure.ac
index 63d38d9b..2fee69a1 100644
--- a/configure.ac
+++ b/configure.ac
@@ -7,7 +7,7 @@ AC_DEFUN([AC_PROG_CC], [m4_errprint(__file__:__line__[: Something is trying to u
 dnl Needed for AC_PATH_PROGS_FEATURE_CHECK which was added in 2.62
 AC_PREREQ([2.62])
 dnl Keep the version number in sync with version.h!
-AC_INIT([znc], [1.7.3-rc1])
+AC_INIT([znc], [1.7.3])
 LIBZNC_VERSION=1.7.3
 AC_CONFIG_MACRO_DIR([m4])
 AC_CONFIG_SRCDIR([src/znc.cpp])
From 9966bea961baf238d74c77f2e876d0803698266a Mon Sep 17 00:00:00 2001
From: Alexey Sokolov
Date: Sat, 30 Mar 2019 14:41:01 +0000
Subject: [PATCH 4/4] Return version back to 1.7.x
---
 CMakeLists.txt | 4 ++--
 configure.ac | 4 ++--
 include/znc/version.h | 4 ++--
 3 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 662a0c90..e9ab6293 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -16,8 +16,8 @@
 cmake_minimum_required(VERSION 3.1)
 project(ZNC VERSION 1.7.3)
-set(ZNC_VERSION 1.7.3)
-set(append_git_version false)
+set(ZNC_VERSION 1.7.x)
+set(append_git_version true)
 set(alpha_version "") # e.g. "-rc1"
 set(VERSION_EXTRA "" CACHE STRING "Additional string appended to version, e.g. to mark distribution")
diff --git a/configure.ac b/configure.ac
index 2fee69a1..b755cfe8 100644
--- a/configure.ac
+++ b/configure.ac
@@ -7,8 +7,8 @@ AC_DEFUN([AC_PROG_CC], [m4_errprint(__file__:__line__[: Something is trying to u
 dnl Needed for AC_PATH_PROGS_FEATURE_CHECK which was added in 2.62
 AC_PREREQ([2.62])
 dnl Keep the version number in sync with version.h!
-AC_INIT([znc], [1.7.3])
-LIBZNC_VERSION=1.7.3
+AC_INIT([znc], [1.7.x])
+LIBZNC_VERSION=1.7.x
 AC_CONFIG_MACRO_DIR([m4])
 AC_CONFIG_SRCDIR([src/znc.cpp])
 AC_LANG([C++])
diff --git a/include/znc/version.h b/include/znc/version.h
index 69ec2386..3f3fbab8 100644
--- a/include/znc/version.h
+++ b/include/znc/version.h
@@ -20,9 +20,9 @@ limitations under the License.
 // The following defines are for #if comparison (preprocessor only likes ints)
 #define VERSION_MAJOR 1
 #define VERSION_MINOR 7
-#define VERSION_PATCH 3
+#define VERSION_PATCH -1
 // This one is for display purpose and to check ABI compatibility of modules
-#define VERSION_STR "1.7.3"
+#define VERSION_STR "1.7.x"
 #endif
 // Don't use this one